Skills
skills/jrollin/claudio/agent-browser/Gen Agent Trust Hub

agent-browser

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires global installation of the 'agent-browser' NPM package, which is a vendor-provided resource for browser automation.
  • [COMMAND_EXECUTION]: The 'agent-browser eval' command allows execution of arbitrary JavaScript within the browser context, a powerful tool for complex automation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from untrusted web content. 1. Ingestion points: Data is retrieved from websites via snapshots, console logs, and text extraction. 2. Boundary markers: No explicit delimiters or instructions are used to distinguish web content from system commands. 3. Capability inventory: High-risk capabilities include arbitrary JS execution (eval), file uploads, and navigation. 4. Sanitization: No evidence of sanitization or filtering of web-based input is provided.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 02:01 PM
Security Audit — agent-trust-hub — agent-browser